CVE-2024-42812
CRITICALCVSS v3
9.8
CRITICAL
EPSS Score
28.3%
exploit probability
CISA KEV
No
known exploited
Exploitation
—
SSVC status
Description
In D-Link DIR-860L v2.03, there is a buffer overflow vulnerability due to the lack of length verification for the SID field in gena.cgi. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands.
Technical Details
- Published
- 8/19/2024
Frequently Asked Questions
What is CVE-2024-42812?
In D-Link DIR-860L v2.03, there is a buffer overflow vulnerability due to the lack of length verification for the SID field in gena.cgi. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands.
Is CVE-2024-42812 actively exploited?
Active exploitation of CVE-2024-42812 has not been confirmed. The EPSS score is 28.3%, indicating the estimated probability of exploitation in the next 30 days.
What is the CVSS score for CVE-2024-42812?
CVE-2024-42812 has a CVSS v3 base score of 9.8 (CRITICAL severity).
Is CVE-2024-42812 affecting your environment?
Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.